<?php
// Direct-access guard: this file only runs when the including entry point
// has already defined SYSTEM_ROOT; a direct request stops here.
if (!defined('SYSTEM_ROOT')) {
    die('Insufficient Permissions');
}

/**
 * Global user control: restores a login from the username/password cookies
 * and handles the login and logout pages.
 */
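// Cookie-based login restore.
//
// Looks the account up by name (falling back to email) and compares the
// "password" cookie with the stored `pw` column. On success the identity
// constants LOGIN, UNAME, UID, UEMAIL, FULLNAME and ROLE are defined; on any
// failure both cookies are expired and the visitor is sent to the login page.
//
// NOTE(review): the cookie is compared directly with the stored `pw` value,
// so that stored value is itself a bearer credential: whoever can read it
// (database dump, backup, copied cookie) can authenticate without knowing
// the password. A random, server-side, revocable session token would remove
// that property.
if (isset($_COOKIE['username']) && isset($_COOKIE['password'])) {
    $p = null;
    // Cookies are client-controlled. Array-valued cookies (username[]=x) are
    // rejected up front because strip_tags() only accepts strings.
    if (is_string($_COOKIE['username']) && is_string($_COOKIE['password'])) {
        $name = addslashes(strip_tags($_COOKIE['username']));
        $pw = addslashes(strip_tags($_COOKIE['password']));
        // NOTE(review): addslashes() is not connection/charset-aware escaping.
        // If the $m wrapper offers prepared statements or a driver-level
        // escape, use that for these lookups instead (its API is not visible here).
        $osq = $m->query("SELECT * FROM  `".DB_NAME."`.`".DB_PREFIX."users` WHERE name = '{$name}' LIMIT 1");
        if ($m->num_rows($osq) == 0) {
            // No account with that name: retry the same value as an email address.
            $osq = $m->query("SELECT * FROM  `".DB_NAME."`.`".DB_PREFIX."users` WHERE email = '{$name}' LIMIT 1");
        }
        if ($m->num_rows($osq) != 0) {
            $p = $m->fetch_array($osq);
        }
    }

    $authenticated = false;
    // An empty cookie value is never accepted, matching the login form,
    // which refuses an empty password as well.
    if ($p && isset($p['pw']) && $pw !== '') {
        $stored = (string) $p['pw'];
        // Strict, constant-time comparison. The previous loose `!=` compared
        // numeric-looking strings by value (e.g. "0e123" equals "0e456"),
        // which lets unrelated values pass as a match.
        $authenticated = function_exists('hash_equals')
            ? hash_equals($stored, $pw)
            : ($stored === $pw);
    }

    if (!$authenticated) {
        setcookie("username", '', time() - 3600);
        setcookie("password", '', time() - 3600);
        ReDirect("index.php?mod=login&msg=".urlencode('Cookies 所记录的账号信息不正确，请重新登录'));
        die;
    }

    define('LOGIN', true);
    define('UNAME', $p['name']);
    define('UID', $p['id']);
    define('UEMAIL', $p['email']);
    define('FULLNAME', $p['fullname']);
    define('ROLE', $p['role']);
}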
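// Login and logout handling, selected by SYSTEM_PAGE.
//
// Login: reads username/password from the POST body, looks the account up by
// name or email, checks EncodePwd(password) against the stored `pw` column and
// on success sets the "username" and "password" cookies.
// Logout: expires both cookies.
if (SYSTEM_PAGE == 'admin:login') {
    // Array-valued fields (username[]=x) are treated as missing, because
    // strip_tags() only accepts strings.
    $name = (isset($_POST['username']) && is_string($_POST['username']))
        ? addslashes(strip_tags($_POST['username']))
        : '';
    $pw = (isset($_POST['password']) && is_string($_POST['password']))
        ? addslashes(strip_tags($_POST['password']))
        : '';
    if (empty($name) || empty($pw)) {
        ReDirect("index.php?mod=login&msg=".urlencode('登录失败，账号或者密码为空！'));
        // Stop like every other failure branch, so the lookup below can never
        // run with an empty identifier if ReDirect() returns.
        die;
    }
    // NOTE(review): addslashes() is not connection/charset-aware escaping.
    // If the $m wrapper offers prepared statements or a driver-level escape,
    // use that here instead (its API is not visible in this file).
    $osq = $m->query("SELECT * FROM  `".DB_NAME."`.`".DB_PREFIX."users` WHERE `name` = '{$name}' OR `email` = '{$name}' LIMIT 1");
    if ($m->num_rows($osq) == 0) {
        ReDirect("index.php?mod=login&msg=".urlencode('登录失败，账号、密码信息不正确！'));
        die;
    }
    $p = $m->fetch_array($osq);
    $encoded = (string) EncodePwd($pw);
    $stored = (string) $p['pw'];
    // Strict, constant-time comparison. The previous loose `!=` compared
    // numeric-looking strings by value (e.g. "0e123" equals "0e456").
    $matches = function_exists('hash_equals')
        ? hash_equals($stored, $encoded)
        : ($stored === $encoded);
    if (!$matches) {
        ReDirect("index.php?mod=login&msg=".urlencode('登录失败，账号、密码信息不正确！'));
        die;
    } else {
        setcookie("username", $name);
        // HttpOnly keeps page scripts from reading the credential cookie.
        // NOTE(review): the cookie value equals the stored `pw` column, so it
        // stays usable after logout until the password changes; a random
        // server-side session token would allow revocation. Also set the
        // Secure flag (6th argument) if the site is served over HTTPS only.
        setcookie("password", $encoded, 0, '', '', false, true);
    }
}
elseif (SYSTEM_PAGE == 'admin:logout') {
    // Expire both cookies in the browser; nothing is invalidated server-side.
    setcookie("username", '', time() - 3600);
    setcookie("password", '', time() - 3600);
}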